Skywalker-11
commented
6 years ago Which MailWatch version are you using? And to which empty message are you referring to?
Closed szzr closed 4 years ago
Skywalker-11
commented
6 years ago Which MailWatch version are you using? And to which empty message are you referring to?
szzr
commented
6 years ago Hey, i use the latest version of Mailwatch and Mailscanner. MailWatch 1.2.6 MailScanner 5.0.6 When i send a message, then mailwatch should show me recent message. For now is my recent message list blank - picture link: https://pilv.addit.ee/index.php/s/5Mah9LusOw4RlmH
Skywalker-11
commented
6 years ago Stop MailScanner (service mailscanner stop) and then run MailScanner --lintto make sure that the datbase connection for the mailscanner part is working. If there are no errors you can also try to run the upgrade.php again, restart the mailscanner service and send an other test mail. Otherwise please post the output of MailScanner --lint and the part of mail.log for a test mail.
szzr
commented
6 years ago Hey, i have one more error: Cannot login MailWatch: Error: unable to validate security token
Here ise my Mailscanner --lint
Trying to setlogsock(unix)
Reading configuration file /etc/MailScanner/MailScanner.conf Reading configuration file /etc/MailScanner/conf.d/README Read 1500 hostnames from the phishing whitelist Read 11870 hostnames from the phishing blacklists Config: calling custom init function MailWatchLogging
Checking version numbers... Version number in MailScanner.conf (5.0.6) is correct.
Your envelope_sender_header in spamassassin.conf is correct. MailScanner setting GID to (119) MailScanner setting UID to (112)
Filename Checks: Windows/DOS Executable (1 eicar.com) Other Checks: Found 1 problems Virus and Content Scanning: Starting 1.message: Eicar-Test-Signature FOUND
./1/eicar.com: Eicar-Test-Signature FOUND
Virus Scanner test reports: ClamAV said "eicar.com contains Eicar-Test-Signature"
If any of your virus scanners (clamd) are not listed there, you should check that they are installed correctly and that MailScanner is finding them correctly via its virus.scanners.conf. Config: calling custom end function MailWatchLogging janar@tsutt:~$ sudo service mailscanner stop janar@tsutt:~$ sudo -u postfix /usr/sbin/MailScanner --lint Trying to setlogsock(unix)
Reading configuration file /etc/MailScanner/MailScanner.conf Reading configuration file /etc/MailScanner/conf.d/README Read 1500 hostnames from the phishing whitelist Read 11870 hostnames from the phishing blacklists Config: calling custom init function MailWatchLogging
Checking version numbers... Version number in MailScanner.conf (5.0.6) is correct.
Your envelope_sender_header in spamassassin.conf is correct. MailScanner setting GID to (119) MailScanner setting UID to (112)
Filename Checks: Windows/DOS Executable (1 eicar.com) Other Checks: Found 1 problems Virus and Content Scanning: Starting 1.message: Eicar-Test-Signature FOUND
./1/eicar.com: Eicar-Test-Signature FOUND
Virus Scanner test reports: ClamAV said "eicar.com contains Eicar-Test-Signature"
If any of your virus scanners (clamd) are not listed there, you should check that they are installed correctly and that MailScanner is finding them correctly via its virus.scanners.conf. Config: calling custom end function MailWatchLogging
And here ise my test mail /var/log/mail.log
Oct 20 19:23:14 tsutt postfix/smtpd[13823]: connect from smtp-out.neti.ee[194.126.106.76] Oct 20 19:23:14 tsutt postfix/smtpd[13823]: Anonymous TLS connection established from smtp-out.neti.ee[194.126.106.76]: TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits) Oct 20 19:23:14 tsutt postfix/smtpd[13823]: BA166C00C0: client=smtp-out.neti.ee[194.126.106.76] Oct 20 19:23:14 tsutt postfix/cleanup[13800]: BA166C00C0: hold: header Received: from smtp-out.neti.ee (smtp-out.neti.ee [194.126.106.76])??(using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits))??(No client certificate requested)??$ Oct 20 19:23:14 tsutt postfix/cleanup[13800]: BA166C00C0: message-id=de79c6d603447ed16816a1a299fee169e7bf00d0@neti.ee Oct 20 19:23:14 tsutt postfix/smtpd[13823]: disconnect from smtp-out.neti.ee[194.126.106.76] ehlo=2 starttls=1 mail=1 rcpt=1 data=1 quit=1 commands=7 Oct 20 19:23:15 tsutt MailScanner[8914]: New Batch: Scanning 1 messages, 3027 bytes Oct 20 19:23:15 tsutt MailScanner[8914]: Virus and Content Scanning: Starting Oct 20 19:23:31 tsutt MailScanner[8914]: Requeue: BA166C00C0.A9BEF to 0921EC00A8 Oct 20 19:23:31 tsutt postfix/qmgr[11779]: 0921EC00A8: from=janareding@neti.ee, size=2310, nrcpt=1 (queue active) Oct 20 19:23:31 tsutt MailScanner[8914]: Uninfected: Delivered 1 messages Oct 20 19:23:31 tsutt MailScanner[8914]: Deleted 1 messages from processing-database Oct 20 19:23:31 tsutt spamd[1815]: spamd: connection from localhost [::1]:42922 to port 783, fd 5 Oct 20 19:23:31 tsutt spamd[1815]: spamd: processing message de79c6d603447ed16816a1a299fee169e7bf00d0@neti.ee for nobody:115 Oct 20 19:23:31 tsutt MailScanner[13853]: MailScanner Email Processor version 5.0.6 starting... Oct 20 19:23:32 tsutt MailScanner[13853]: Reading configuration file /etc/MailScanner/MailScanner.conf Oct 20 19:23:32 tsutt MailScanner[13853]: Reading configuration file /etc/MailScanner/conf.d/README Oct 20 19:23:32 tsutt MailScanner[13853]: Read 1500 hostnames from the phishing whitelist Oct 20 19:23:32 tsutt MailScanner[13853]: Read 11870 hostnames from the phishing blacklists Oct 20 19:23:32 tsutt MailScanner[13853]: Config: calling custom init function MailWatchLogging Oct 20 19:23:32 tsutt MailScanner[13853]: Using SpamAssassin results cache Oct 20 19:23:32 tsutt MailScanner[13853]: Connected to SpamAssassin cache database Oct 20 19:23:32 tsutt MailScanner[13853]: Enabling SpamAssassin auto-whitelist functionality... Oct 20 19:23:34 tsutt spamd[1815]: plugin: eval failed: bayes: (in learn) locker: safe_lock: cannot create lockfile /etc/MailScanner/bayes/bayes/.mutex: Not a directory Oct 20 19:23:34 tsutt spamd[1815]: spamd: clean message (-0.3/5.0) for nobody:115 in 2.3 seconds, 2796 bytes. Oct 20 19:23:34 tsutt spamd[1815]: spamd: result: . 0 - HTML_MESSAGE,PYZOR_CHECK,RCVD_IN_DNSWL_MED,RP_MATCHES_RCVD,SPF_PASS scantime=2.3,size=2796,user=nobody,uid=115,required_score=5.0,rhost=localhost,raddr=::1,rport=42922,mid=<de79c6d$ Oct 20 19:23:34 tsutt spamd[1255]: prefork: child states: II Oct 20 19:23:34 tsutt postfix/pickup[11778]: 5C172C00D3: uid=65534 from=janareding@neti.ee Oct 20 19:23:34 tsutt postfix/cleanup[13800]: 5C172C00D3: hold: header Received: by mail.tsutt.ee (Postfix, from userid 65534)??id 5C172C00D3; Fri, 20 Oct 2017 19:23:34 +0300 (EEST) from local; from=janareding@neti.ee to=<janar@tsutt.$ Oct 20 19:23:34 tsutt postfix/cleanup[13800]: 5C172C00D3: message-id=de79c6d603447ed16816a1a299fee169e7bf00d0@neti.ee Oct 20 19:23:34 tsutt postfix/pipe[13851]: 0921EC00A8: to=janar@tsutt.ee, relay=spamassassin, delay=20, delays=17/0.02/0/2.4, dsn=2.0.0, status=sent (delivered via spamassassin service) Oct 20 19:23:34 tsutt postfix/qmgr[11779]: 0921EC00A8: removed Oct 20 19:23:34 tsutt MailScanner[10517]: New Batch: Scanning 1 messages, 3491 bytes Oct 20 19:23:34 tsutt MailScanner[10517]: Virus and Content Scanning: Starting Oct 20 19:23:35 tsutt MailScanner[13853]: Connected to Processing Attempts Database Oct 20 19:23:35 tsutt MailScanner[13853]: Found 0 messages in the Processing Attempts Database Oct 20 19:23:35 tsutt MailScanner[13853]: Using locktype = flock Oct 20 19:23:50 tsutt MailScanner[10517]: Requeue: 5C172C00D3.A9BBA to 2505DC00A8 Oct 20 19:23:50 tsutt postfix/qmgr[11779]: 2505DC00A8: from=janareding@neti.ee, size=3225, nrcpt=1 (queue active) Oct 20 19:23:50 tsutt MailScanner[10517]: Uninfected: Delivered 1 messages Oct 20 19:23:50 tsutt MailScanner[10517]: Deleted 1 messages from processing-database Oct 20 19:23:50 tsutt dovecot: lmtp(13877): Connect from local Oct 20 19:23:50 tsutt MailScanner[13878]: MailScanner Email Processor version 5.0.6 starting... Oct 20 19:23:50 tsutt MailScanner[13878]: Reading configuration file /etc/MailScanner/MailScanner.conf Oct 20 19:23:50 tsutt MailScanner[13878]: Reading configuration file /etc/MailScanner/conf.d/README Oct 20 19:23:50 tsutt MailScanner[13878]: Read 1500 hostnames from the phishing whitelist Oct 20 19:23:50 tsutt MailScanner[13878]: Read 11870 hostnames from the phishing blacklists Oct 20 19:23:50 tsutt MailScanner[13878]: Config: calling custom init function MailWatchLogging Oct 20 19:23:50 tsutt dovecot: lmtp(janar@tsutt.ee): IiYBCBYj6lk1NgAAhE7Rig: msgid=de79c6d603447ed16816a1a299fee169e7bf00d0@neti.ee: saved mail to INBOX Oct 20 19:23:50 tsutt postfix/lmtp[13876]: 2505DC00A8: to=janar@tsutt.ee, relay=mail.tsutt.ee[private/dovecot-lmtp], delay=16, delays=16/0.01/0.05/0.16, dsn=2.0.0, status=sent (250 2.0.0 janar@tsutt.ee IiYBCBYj6lk1NgAAhE7Rig Saved) Oct 20 19:23:50 tsutt dovecot: lmtp(13877): Disconnect from local: Successful quit Oct 20 19:23:50 tsutt postfix/qmgr[11779]: 2505DC00A8: removed Oct 20 19:23:50 tsutt MailScanner[13878]: Using SpamAssassin results cache Oct 20 19:23:50 tsutt MailScanner[13878]: Connected to SpamAssassin cache database Oct 20 19:23:50 tsutt MailScanner[13878]: Enabling SpamAssassin auto-whitelist functionality... Oct 20 19:23:53 tsutt MailScanner[13878]: Connected to Processing Attempts Database Oct 20 19:23:53 tsutt MailScanner[13878]: Found 0 messages in the Processing Attempts Database Oct 20 19:23:53 tsutt MailScanner[13878]: Using locktype = flock
janarzz
commented
6 years ago Hey, finally i reinstall MailWtch/MailScanner and recent messages are done! But i have new issuses with mailwatch... 1) I cannot see Release message window and quarantine folder is empty.. 2) Incoming messages are duplicated. Screen URL: https://pilv.addit.ee/index.php/s/BskYvcIHk5sVC76
Skywalker-11
commented
6 years ago @janarzz good to hear its working now. Did you installed it in a different way or is the doc unclear?
to 1.:MailScanner does not store mails that are clean (no spam and no viruses). That's why MailWatch can't execute any actions on that mails. To enable this you have to also store clean mails via MailScanner (in your MailScanner config file add: Non Spam Actions = store deliver header "X-Spam-Status: No"). #936 , #854 are related
To check if MailScanner virus scanning works try to send an EICAR test mail and see if it is detected as malicious and then shown inside the quarantine view
to 2.: both mails in your third screenshot have different time and size so they seem to be different mails. If this happens with every mail logged by MailWatch check for the message ids (should be different) and post the log part of mail.log for two example messages that seem to be logged twice.
janarzz
commented
6 years ago Hey, many thnaks ! First problem is resolved :) First time i installed mailwatch without this: http://docs.mailwatch.org/install/getting-started.html I think that was a reason, why mailwatch did not start working. Duplicate messages disturbing..i hope this problem can resolved... Yes..this messages id-s is different.. I posted mail.log here:
Nov 11 14:23:19 meiliserver postfix/smtpd[4776]: connect from mail.addit.ee[95.153.49.150] Nov 11 14:23:19 meiliserver postfix/smtpd[4776]: Anonymous TLS connection established from mail.addit.ee[95.153.49.150]: TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits) Nov 11 14:23:19 meiliserver postfix/smtpd[4776]: 22E79141068: client=mail.addit.ee[95.153.49.150] Nov 11 14:23:19 meiliserver postfix/cleanup[4792]: 22E79141068: hold: header Received: from mail.addit.ee (mail.addit.ee [95.153.49.150])??by mail.tsutt.ee (Postfix) with ESMTPS id 22E79141068??f$ Nov 11 14:23:19 meiliserver postfix/cleanup[4792]: 22E79141068: message-id=7de96527-cedc-971c-ce6e-1b2cb20ee138@addit.ee Nov 11 14:23:19 meiliserver postfix/smtpd[4776]: disconnect from mail.addit.ee[95.153.49.150] ehlo=2 starttls=1 mail=1 rcpt=1 data=1 quit=1 commands=7 Nov 11 14:23:20 meiliserver MailScanner[4082]: New Batch: Scanning 1 messages, 2075 bytes Nov 11 14:23:20 meiliserver MailScanner[4082]: Virus and Content Scanning: Starting Nov 11 14:23:37 meiliserver MailScanner[4082]: Requeue: 22E79141068.AE247 to 5C1BE141290 Nov 11 14:23:37 meiliserver MailScanner[4082]: Uninfected: Delivered 1 messages Nov 11 14:23:37 meiliserver MailScanner[4082]: Deleted 1 messages from processing-database Nov 11 14:23:37 meiliserver postfix/qmgr[2040]: 5C1BE141290: from=janar@addit.ee, size=1382, nrcpt=1 (queue active) Nov 11 14:23:37 meiliserver MailScanner[4082]: MailWatch: Logging message 22E79141068.AE247 to SQL Nov 11 14:23:40 meiliserver postfix/pipe[4809]: 5C1BE141290: to=janar@tsutt.ee, relay=spamassassin, delay=22, delays=19/0.53/0/2.3, dsn=2.0.0, status=sent (delivered via spamassassin service) Nov 11 14:23:40 meiliserver postfix/qmgr[2040]: 5C1BE141290: removed Nov 11 14:23:40 meiliserver postfix/pickup[2039]: A5B7B141068: uid=65534 from=janar@addit.ee Nov 11 14:23:40 meiliserver postfix/cleanup[4792]: A5B7B141068: hold: header Received: by mail.tsutt.ee (Postfix, from userid 65534)??id A5B7B141068; Sat, 11 Nov 2017 14:23:40 +0200 (EET) from lo$ Nov 11 14:23:40 meiliserver postfix/cleanup[4792]: A5B7B141068: message-id=7de96527-cedc-971c-ce6e-1b2cb20ee138@addit.ee Nov 11 14:23:41 meiliserver MailScanner[3982]: New Batch: Scanning 1 messages, 2312 bytes Nov 11 14:23:41 meiliserver MailScanner[3982]: Virus and Content Scanning: Starting Nov 11 14:24:00 meiliserver MailScanner[3982]: Requeue: A5B7B141068.A3878 to C4B19141290 Nov 11 14:24:00 meiliserver MailScanner[3982]: Uninfected: Delivered 1 messages Nov 11 14:24:00 meiliserver postfix/qmgr[2040]: C4B19141290: from=janar@addit.ee, size=2050, nrcpt=1 (queue active) Nov 11 14:24:00 meiliserver MailScanner[3982]: Deleted 1 messages from processing-database Nov 11 14:24:00 meiliserver MailScanner[3982]: MailWatch: Logging message A5B7B141068.A3878 to SQL Nov 11 14:24:01 meiliserver dovecot: lmtp(4874): Connect from local Nov 11 14:24:02 meiliserver dovecot: lmtp(janar@tsutt.ee): SS20I+HrBloKEwAAILeQnw: msgid=7de96527-cedc-971c-ce6e-1b2cb20ee138@addit.ee: saved mail to INBOX Nov 11 14:24:02 meiliserver postfix/lmtp[4873]: C4B19141290: to=janar@tsutt.ee, relay=mail.tsutt.ee[private/dovecot-lmtp], delay=21, delays=20/0.39/0.33/0.4, dsn=2.0.0, status=sent (250 2.0.0 <$ Nov 11 14:24:02 meiliserver postfix/qmgr[2040]: C4B19141290: removed Nov 11 14:24:02 meiliserver dovecot: lmtp(4874): Disconnect from local: Successful quit
stale[bot]
commented
4 years ago This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions.
Hey, i have problem: Recent messages are empty. My conf: ubuntu server 16.04.3 Apache 2.4.18 Mysql 5.7.19 PHP 7.0.22 postfix 3.1.0
Another problem is there: Fatal error: Uncaught mysqli_sql_exception: Expression #1 of ORDER BY clause is not in GROUP BY clause and contains nonaggregated column 'mailscanner.maillog.date' which is not functionally dependent on columns in GROUP BY clause; this is incompatible with sql_mode=only_full_group_by in /var/www/html/mailscanner/functions.php:970 Stack trace: #0 /var/www/html/mailscanner/functions.php(970): mysqli->query('\n SELECT\n DATE...') #1 /var/www/html/mailscanner/graphgenerator.inc.php(194): dbquery('\n SELECT\n DATE...') #2 /var/www/html/mailscanner/graphgenerator.inc.php(94): GraphGenerator->prepareData() #3 /var/www/html/mailscanner/rep_total_mail_by_date.php(195): GraphGenerator->printLineGraph() #4 {main} thrown in /var/www/html/mailscanner/functions.php on line 970