Author Topic: ebox and clamav  (Read 2178 times)

hortimech

  • Zen Apprentice
  • *
  • Posts: 10
  • Karma: +0/-0
    • View Profile
ebox and clamav
« on: June 27, 2008, 03:01:05 pm »
I have installed ebox on top of Ubuntu 8.04 server and am trying it out, but have a few problems:
firstly whilst ebox lets you enter a relay host, there does not seem to be a way to set up the user details. You have to manualy edit /etc/postfix/main.cf adding:

smtp_sasl_auth_enable = yes
smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd
smtp_sasl_security_options =

 and then creating sasl_passwd, but it gets better, when you then start the mailfilter, the above three lines get removed and you have to enter them again, perhaps just using 'postconf' to insert the required line for the mailfilter would be better?

After setting up Fetchmail and was sure that I could send/receive mail, I found (from the relevant ebox page) that Clamav engine 0.92.1 was out of date and was asked to update it. Now as I sure you know, Ubuntu does not seem to take seriously ( MY OPINION) antivirus software and has no way of keeping up todate  with Clamav (unless you know differently, and if so please share), so after a quick Google (they can't touch you for it!) I added the Debian volatile address to sources.list and upgraded to 0.93.1.
This brought its own share of problems, the Clamav database format has changed, sorted this and got Clamav-daemon to start,
but in the process of upgrading Clamav I lost  the following three files: dansguardian ebox-squid libclamav3, so it would seem even if I wanted to, I now cannot use squid.
Now we come to final problem that I found (so far), on the summary page I get this:

       Mail filter
  Status   enabled
  Filter   ebox internal mail filter
Antivirus  Stopped
Antispam   running   
This shows that ebox thinks the antivirus software has stopped, but 'ps -e | grep clamd' gets me this '17448 ?        00:00:02 clamd' this would seem to show that it is running. Can anyone tell my how ebox checks to see if a program is running?

Apart from these small and I am sure easily fixable problems ebox looks great.


nicolasdiogo

  • Forum Moderator
  • Zen Samurai
  • *****
  • Posts: 263
  • Karma: +3/-0
  • a pessimist, but trying out optimism
    • View Profile
    • BrainPowered Business Intelligence Consultancy - UK
Re: ebox and clamav
« Reply #1 on: June 30, 2008, 01:08:33 pm »
for the password problem you will have to alter the template that ebox uses.
then everytime ebox restarts your entry to this file will persist.

unfortunatly i am not sure which file you need to amend.
maybe someone else will have more information about this.

Nicolas
my opinions and suggestion expressed on this forum are my own as a user.
please note that i am not part of the Zentyal Development Team

www.brainpowered.net - supporting open-source Business Intelligence in Europe

hortimech

  • Zen Apprentice
  • *
  • Posts: 10
  • Karma: +0/-0
    • View Profile
Re: ebox and clamav
« Reply #2 on: June 30, 2008, 03:49:15 pm »
So, what you are saying is that there is one postfix main.cf template without a mailfilter and another template with? and if/when the server reboots I will loose the relay host password lines?

If my understanding of this is correct, then this is stupid, all you need to do to add a line, is use the postconf command. This does not remove anything, just adds lines one by one. By all means start with a basic template, use sed to enter the relevant details and then postconf any further lines to it. Want to relay mail through your isp, no problem just use postconf to enter the relevant lines, write a small script to create the passwd files and away you go.
 
I will now reboot my ebox server and see what happens to the main.cf file.
 
Well it's not that bad, the alterations survive a reboot, but it still does not help with the original problem, why does ebox wipe out any alterations made to the main.cf file?
« Last Edit: June 30, 2008, 03:55:54 pm by hortimech »

Javier Amor Garcia

  • Zentyal Staff
  • Zen Hero
  • *****
  • Posts: 1225
  • Karma: +12/-0
    • View Profile
Re: ebox and clamav
« Reply #3 on: July 03, 2008, 08:43:49 am »
The sasl is configured to use the password from eBox users, so if you use the 'Users' module there is not need to change anything.


 If you really want to change main.cf, you must know eBox overwrites all managed configuration files on start or when saving changes.
 It uses a template for writing the files, in case of main.cf the template is located at /usr/share/ebox/stubs/mail/main.cf.mas .
 If you want to customize change it and then restart eBox or  the given module (for mail module use the command /etc/init.d/ebox mail restart ) .

However you must pay attention in the upgrades, because the file will be overwritten with a new one.





Cheers.
  Javier

hortimech

  • Zen Apprentice
  • *
  • Posts: 10
  • Karma: +0/-0
    • View Profile
Re: ebox and clamav
« Reply #4 on: July 03, 2008, 04:56:18 pm »
As far as the sasl password is concerned, I think you are getting smtp and smtpd mixed up, now I am no expert, but my understanding is:

smtp is used to send mail, and if you are relaying through another mailserver you need a username and password for there.

smtpd is the receiving part of postfix on your own mailserver and users need a password to connect and receive mail

I cannot be the only person that needs to relay mail through my isp, in fact now I think of it, why does the ebox mailserver (in the way it is set up at present) not rely on the dns module. As far as I can see, without an MX record, most of the mail that a standard ebox server sends out, would either get bounced back or disappear into oblivion due to receiving mailservers not being able to look up the ebox server. To send mail, you either need an MX record pointing to your mailserver or you have to, as I am doing, relay through your isp or similar.

I do not think that you can be serious about ebox overwriting all managed configuration files at start, for if this was to happen, the server would have to be reset every time you rebooted.
 

Javier Amor Garcia

  • Zentyal Staff
  • Zen Hero
  • *****
  • Posts: 1225
  • Karma: +12/-0
    • View Profile
Re: ebox and clamav
« Reply #5 on: July 10, 2008, 10:07:57 am »
There is some confusion we mail protocols (i have it myself), SMTP is used to send mail, relay mail and receiving mail in the server. In eBox SMTP is provided in eBox by Postfix.
To get the mail form the server to your computer (and your mail cient like outlook or kmail) you use the POP3 or the IMAP protocol.

AS for the relay password, not all relay servers need passwords, for instance if we have another mail server in the same network it can be configured to relay mail for all hosts in the network.
However you are right that password may be a requirement in many scenarios and maybe we should allow it.

eBox overwrites all managed configuration files on its start and when you click in the 'save changes' button. This is the way to assure that the configuration you have specified thought the web interface is enforced without any conflict with eother files or old versions of the files.

Cheers,
  Javier