1. Please take a little time for this simple survey! Thank you for participating!
    Dismiss Notice
  2. Dear Pleskians, please read this carefully! New attachments and other rules Thank you!
    Dismiss Notice
  3. Dear Pleskians, I really hope that you will share your opinion in this Special topic for chatter about Plesk in the Clouds. Thank you!
    Dismiss Notice

Virus Blacklist and Qmail...

Discussion in 'Plesk for Linux - 8.x and Older' started by PixyPumpkin, Nov 10, 2005.

  1. PixyPumpkin

    PixyPumpkin Guest

    0
     
    Hi,

    Yesterday my IP is been listed on a virus blacklist. I am 100% sure that this virus is not from my server so I read the FAQ of the blacklist. (http://virbl.bit.nl/faq.php) In one of the FAQ is this chapter:
    But this patch is only for Qmail stand-allone, I understand that if I want to install this patch that SW-Soft has to re-compile Qmial with Plesk? Oh, I am running Plesk Reloaded 7.5.3 with the 4PSA Clean Server (VIP Bundle) on CentOS 3. Is there a simple solution to this problem? Is it possible to drop the mail earlier or make sure that the headers are not send with bounces? I also run 4PSA Qmail Manager, maybe I oversee a setting there?

    Thx!

    //edit: Update: I spoke to the admin of the blacklist and it where indead two Failure Notices, so bouces of Qmail that sends the virus back in the header :(
     
  2. phoenixisp

    phoenixisp Silver Pleskian

    27
    57%
    Joined:
    Feb 2, 2002
    Messages:
    840
    Likes Received:
    0
    You can change settings in the Plesk control panel so that emails to nonexisting users are either bounced (you don't want this), sent to another email box or rejected. I have mine set so that they are sent to an address created with no mailbox and no redirect. This sends the message to a "black hole". Change the settings here:

    Domain -> Mail -> Preferences
     
  3. PixyPumpkin

    PixyPumpkin Guest

    0
     
    But how do I do this on a server level, what you sugest is on a user level?
     
  4. phoenixisp

    phoenixisp Silver Pleskian

    27
    57%
    Joined:
    Feb 2, 2002
    Messages:
    840
    Likes Received:
    0
    No, it's done on a domain level. I don't know of a server-wide solution.
     
  5. PixyPumpkin

    PixyPumpkin Guest

    0
     
    OK, thx, but I am looking for a server level sollution :)
     
  6. ShadowMan@

    ShadowMan@ Guest

    0
     
    Server-wide: create or edit the /var/qmail/control/rejectnonexist file, put each hosted domain in the file (one per line)

    domain1.com
    domain2.com
    domain3.net
    ...

    Restart Qmail service

    If you have not done so, I would switch from DrWeb to clamav/clamd and install qmail-scanner from ART. Infected emails will be auto-deleted, and qmail-scanner makes many things more flexible and easier to configure.
     
  7. PixyPumpkin

    PixyPumpkin Guest

    0
     
    Thx for the Tip, I am NOT using Dr. Web but 4PSA Clean Server :) is the compatible with the ART Qmail Scanner?
     
  8. ShadowMan@

    ShadowMan@ Guest

    0
     
    Yes it is. On server's using 4psa's Clean Server, I would make sure 4psa's stuff is all installed and working, then I would tweak their stuff's RulesDuJour settings (they don't make use of all the possible rulesets), then I would yum install clamav/clamd, and qmail-scanner (from ART's repository). I also remove the psa-spamassassin control module, and update spamassassin from ART as well.

    Remember to run the qmail-scanner reconfigure script after making changes to the AV or SA programs.

    So on those servers, all emails are scanned using odeiavir (from 4psa's stuff), clamav, spamassassin, perl-scan.
     
  9. PixyPumpkin

    PixyPumpkin Guest

    0
     
    Wow, Thx! I can do something with this, I think I will wait for 7.5.5 and do these patches at the same time.
     
Loading...