Messages

1

Email and Groupware / Re: User Mail filters not filtering in Zentyal 5.0

« on: July 28, 2017, 03:37:00 am »

yeah, unfortunately the "support" for the development edition is very very lacking. I have actually had better luck in the Ubuntu forums. Here you are a tester more or less that sometimes warrants help. Best I can guess is you get good support with the paid edition only. I have been using this for two years and have had little to no help in this forum, again mostly had to piece together my own help through the Ubuntu forum. Decommissioning my server this weekend and moving to ClearOS, support has been great over in the community edition forums. Guess on that OS they see the potential of up selling the free edition to the paid by gaining your trust in the free edition. Here you can't even upgrade the free edition to paid if you wanted to, requires a complete re-install.

Best I can say is check the logs in /var/log through the shell and see if anything comes up related to this in the mail logs.

2

Installation and Upgrades / Re: auto-update on Zentyal 5.0 is not working?

« on: April 12, 2017, 03:13:44 am »

Decided to hold off on the upgrade to 5.0 and did the 4.2.5 update instead. Big mistake, it broke the same modules that most seem to be having issues with in the upgrade to 5.0. Had to reset the SSL used by the webmail interface and re-enable the zentyal site config in Apache to get webmail working again. That worked for two weeks until I did another update, rebooted the server, and now it is all screwed up again. This time I can't get it to work using the previous fix as there seems to be Perl scripts missing now.

Guess I am going to just leave enough alone and not run anymore updates until I can do fresh install of 5.0 on a new server.

3

Installation and Upgrades / Re: auto-update on Zentyal 5.0 is not working?

« on: February 07, 2017, 06:35:08 am »

Hmmmm, kind of on the fence about attempting the upgrade from 4.2.3. I never use auto-updated on any Linux server so that wouldn't be any issue if that was broken after upgrade, but nontrivial's issues concern me a bit. So far version 4 has been pretty reliable, would hate to test my luck. Thinking of waiting to just do afresh install on a new server next month and keeping this one as a backup.

4

Installation and Upgrades / Re: zentyal-pptp

« on: March 10, 2016, 08:31:36 am »

Are you looking to setup as a pptp server or client?

Do you have to use pptp, I only ask since pptp is really far to insecure by today's standards. Openvpn or Ipsec would be a far more secure solution and Openvpn is already a part of Zentyal so that is always a plus.

5

Installation and Upgrades / Re: Microsoft Office 2016 compatibility

« on: March 10, 2016, 07:55:29 am »

I have run into the same issue with Outlook 2013 on Windows 10. My main issue seems to come from the Self-signed cert in my case. No matter how I install the cert, it will not permanently take in Outlook. I plan to purchase an SSL.com premium cert to remedy the issue, hopefully. I can't say for sure if this will fix things for you or not. I will be purchasing mine and implement it this weekend, so if it does I will be sure to follow up on the forum.

6

Email and Groupware / Re: Incoming email blacklisting

« on: March 08, 2016, 09:19:50 pm »

Update to the fix---

Realized that the config change was still being over-written, did not realize right away that Zentyal utilizes templates to generate its config files. So, I had to modify the template file located at: /usr/share/zentyal/stubs/mail/main.cf.mas  (after creating a backup of the original of course)

The SMTPD Recipient Restrictions area of my config file now looks like this:

Code: [Select]

my $smtpRecipientRestrictions;
$smtpRecipientRestrictions .= 'permit_sasl_authenticated, ';
$smtpRecipientRestrictions .=  'permit_mynetworks, ';
#at his point all mail for whom the server isn't the final point or the
#forwarder has been rejected so the next restrictions only applies in this two cases
$smtpRecipientRestrictions .= 'reject_unauth_destination, ';

$smtpRecipientRestrictions .= 'reject_non_fqdn_sender, ';
$smtpRecipientRestrictions .= 'reject_unknown_sender_domain, ';

$smtpRecipientRestrictions .= 'reject_invalid_helo_hostname, ';
$smtpRecipientRestrictions .= 'reject_invalid_hostname, ';
$smtpRecipientRestrictions .= 'reject_non_fqdn_helo_hostname, ';
$smtpRecipientRestrictions .= 'reject_rbl_client dnsbl.sorbs.net, ';
$smtpRecipientRestrictions .= 'reject_rbl_client zen.spamhaus.org, ';
$smtpRecipientRestrictions .= 'reject_rbl_client bl.spamcop.net, ';
$smtpRecipientRestrictions .= 'reject_rbl_client b.barracudacentral.org, ';

$smtpRecipientRestrictions .= 'check_helo_access pcre:/etc/postfix/helo_checks.pcre';
if ($greylist) {
    my $greylistRecipientRestriction = "check_policy_service inet:" .
                                        $greylistAddr . ':' .
                                        $greylistPort ;
    $smtpRecipientRestrictions .= ", $greylistRecipientRestriction";
}
Went to the Zentyal Dashboard and restarted the "Mail" module and then confirmed it over-wrote the /etc/postfix/main.cf config file, and it did. Now my logs reflect that all sorts of spam is being rejected based on the RBLs added.

7

Email and Groupware / [SOLVED] Incoming email blacklisting

« on: March 08, 2016, 07:17:31 am »

Well I got some help in another forum, which is disappointing given that this is supposed to be the go to for Zentyal help. But anyway, I took a chance at reformatting the /etc/postfix/main.cf file to eliminate the long single line format of the "# recipient restrictions" area. By doing it this way the changes stayed after a service restart when previously they would disappear (odd to say the least), and the "Mail" logs show the incoming spam being rejected based on spam blocklists which is everything I wanted to accomplish.

Code: [Select]

# recipient restrictions
smtpd_recipient_restrictions =
        permit_sasl_authenticated,
        permit_mynetworks,
        reject_unauth_destination,
        reject_unauth_pipelining,
        reject_non_fqdn_sender,
        reject_unknown_sender_domain,
        reject_unknown_recipient_domain,
        reject_invalid_helo_hostname,
        reject_invalid_hostname,
        reject_non_fqdn_helo_hostname,
        reject_rbl_client dnsbl.sorbs.net,
        reject_rbl_client sbl-xbl.spamhaus.org,
        reject_rbl_client bl.spamcop.net,
        check_helo_access pcre:/etc/postfix/helo_checks.pcre
        permit
submission_recipient_restrictions =
        reject_non_fqdn_sender,
        reject_non_fqdn_recipient,
        permit_sasl_authenticated,
        permit_mynetworks, reject
smtpd_restriction_classes = submission_recipient_restrictions
The newly formatted configuration seems to survive the service restart and does seem to show new spam being rejected in the mail logs. So for now, so far so good. I am going to keep a close eye on this setup for a few days to make sure valid email is not being interfered with, and will post something if it is causing issues.

Hopefully this may help others.....

8

Email and Groupware / Re: Incoming email blacklisting

« on: March 06, 2016, 02:17:34 am »

Ok, since there has not been a solution posted quite yet I resumed my search for a good solution to this. Everything says that I should be able to enable RBL in postfix, but I have tried adding this to the /etc/postfix/main.cf file under "smtpd_recipient_restrictions =" without any success:

Code: [Select]

reject_unauth_destination, reject_rbl_client multi.uribl.com, reject_rbl_client dsn.rfc-ignorant.org, reject_rbl_client dul.dnsbl.sorbs.net, reject_rbl_client list.dsbl.org, reject_rbl_client sbl-xbl.spamhaus.org, reject_rbl_client bl.spamcop.net, reject_rbl_client dnsbl.sorbs.net, reject_rbl_client cbl.abuseat.org, reject_rbl_client ix.dnsbl.manitu.net, reject_rbl_client combined.rbl.msrbl.net, reject_rbl_client rabl.nuclearelephant.com
When I add it and restart the service it seems to strip the newly added code from the configuration file 

Twice I have added it and twice after a restart the code is gone and the spam just resumes. Any ideas what I am doing wrong here? I am adding it the existing configuration code on that line, not replacing it.

9

Email and Groupware / Re: Incoming email blacklisting

« on: March 04, 2016, 11:30:47 pm »

  Just realized that example just sorts the mail marked as spam to the junkmail folder, what I would like to do is eliminate it before that point.

10

Email and Groupware / [SOLVED] Incoming email blacklisting

« on: March 04, 2016, 09:22:05 pm »

I have had Zentyal 4.2 up and running for awhile at home and so far so good. Everything has been working great, but I am trying to get a handle on the SPAM situation. On my previous email server I had the option of entering TLDs to be blocked with a wildcard in front, for example: I see a ton of spam coming from domains like @example.top or @example.review or @example.download  So I would just setup SpamAssasin to block everything with the sending address ending in .top, .review., or .download. This worked quite well. I am adding email addresses as fast as they come in, but as you all know, the domain names change as fast as you can add them and now I have a few hundred rules to filter spam which is not even close to being effective. Is there a way to utilize a spam blacklist to block mail already listed on a blacklist before it ever reaches the mail filter, such as this article I found below (or will this work):

   

Code: [Select]

sudo nano /etc/dovecot/dovecot.conf
Add the following code in the ## Plugin settings section at the bottom of the file:

   

Code: [Select]

plugin {
    sieve = ~/.dovecot.sieve
    sieve_global_path = /etc/dovecot/sieve/default.sieve
    sieve_dir = ~/sieve
    sieve_global_dir = /etc/dovecot/sieve/global/
}
Create the global directory, if it doesn’t already exist:

   

Code: [Select]

sudo mkdir -p /etc/dovecot/sieve/global
And add your Sieve rule file to move all incoming email into the Spam/ Junk folder which has the X-Spam-Flag set by SpamAssassin:

Code: [Select]

require ["fileinto"];
# rule:[SPAM]
if header :contains "X-Spam-Flag" "YES" {
        fileinto "Spam";
}
Finally you’ll need to restart dovecot for the changes to be picked up.

11

Directory and Authentication / Re: Only 1st page in this forum available ?

« on: February 27, 2016, 09:12:21 am »

Glad I am not the only one with this problem.

12

Other modules / Re: WEP encryption setup for wireless access point

« on: February 27, 2016, 08:38:06 am »

It is difficult to say the least to configure a wireless card in that manner and actually use it in a stable environment. By far the best solution would be to utilize an actual access point connected to the internal network.

Not to say it can't be done.

Also, why WEP encryption, if you don't use WPA/WPA2 then you might as well leave the wireless open by today's standards.