ConfigServer Community Forum

Is there a way to filter on From: instead of Envelope-From:?

We have a cpanel account that receives mail from a service that uses amazonses as the sender.

We cannot find a way to filter on the from address.

The envelope-from: address changes for every message and looks like this:
010001932d065d56-93839514-dab0-423a-be1d-66039412ed54-000000@amazonses.com

The from address is always this:...

Hi Mailscanner experts!...

I'm a novice in Mailscanner and I'm trying to solve these 2 problems:

When we send 3-4 legitimate emails to different email addresses with the same message, Mailscanner highjacks my email and writes: {disarmed} next to the title and writes: MailScanner has detected a possible fraud attempt from applewebdata: claiming to be

I don't mind scanning incoming mails. But I...

Hello,

I'm looking for a way to add entries to the global Whitelist and Blacklist of the ConfigServer MailScanner Front-End via command line or API. Currently, the only available method is to manually add items through the cPanel interface, which is manageable when dealing with 2 or 3 servers. However, when the number of servers increases to, for example, 10 or more, this manual process becomes...

hi
i use msfe v9.26 in Ubuntu With Directadmin control panel
This error is displayed MailControl
MySQL Error:
And it doesn't work
/usr/msfe/mailcontrol/mysql.sock.disable
And the symbolic link in the following path will be deleted after the reboot OS
/run/mysqld/mysqld.sock
and error again
what is the problem?

HI,

I don't want to use the bayesian filter at all, is causing me ton's of problems.

I've read: but /etc/mail/spamassassin/configserver.cf isn't there.

So I have edited /usr/mailscanner/etc/spamassassin.conf setting use_bayes 0 is this everithing I need to do?

Thank you.

Hi Team,
I would like to clarify my position right away.

I'm the customer of a Hosting Provider that has recently adopted “ConfigServer MailScanner” to fight scam.

However, I have some doubts about the operation of ConfigServer MailScanner or its configuration.

I currently set the “Low Scoring Spam” parameter to SpamBox.

Following your documentation, the value “SpamBox” means that any spam...

We upgraded our server and had to reinstall Mailscanner. We used to have it set so the accounts could use mail control on their accounts through their Cpanel but I can't figure out where that setting is. Anyone got a suggestion?

I got this error
MySQL Error:

then mailwhatch is disabled

how can i fix it ?

Hello,
recently I used mysqltuner.pl to optimize MariaDB on my server.

Is it safe to change mailscanner database from MyISAM to InnoDB?

-------- MyISAM Metrics ----------------------------------------------------------------------------
Consider migrating 13 following tables to InnoDB:
* InnoDB migration request for mailscanner.mcp_rules Table: ALTER TABLE mailscanner.mcp_rules...

Hey guys.

I have been using MailScanner for some time and have had few challenges improving its filtering.

One of these few challenges is being able to identify some messages correctly, my current challenge is.

Let's say I have a domain called
domain1.com hosted on MSFE.

I have received messages from outside the server with a falsified from header, they add the same recipient address to the...

Hi, Sarah.
Is there an option in MailScanner that could block emails that comes with nothing on the subject?

Regards,
Sergio

I am receiving spam from the following domains:
support@frommy.from-mn.com
support@frommy.from-dc.com
support@frommy.from-ky.com
support@frommy.from-nv.com
realiuup0310177@from-pa.com
bancoitau66068@pontsita.from-in.com
domiuup0166233@from-vt.com
vivoconta90394@noticses.from-in.com

notice that it is always the type: *@*.from-**.com
Is there any way to blacklist this *.from-**.com?

Hello,

I would need some advice regarding phishing fight with spamassassin and Mailscanner Front End.
I've found this instruction:
I've created a bash scripts cronjob to download openphish, phistank, phishstats, and mailscanner phishing feeds.
Some of them are running every 90 minutes, 4 hours, every 12, and some daily.
Cronjobs transfer data from CSV files to txt format only with url (one url...

Hwo to setup RelayCountry:
I've found this script:
loadplugin Mail::SpamAssassin::Plugin::RelayCountry
ifplugin Mail::SpamAssassin::Plugin::RelayCountry
add_header all Relay-Countries _RELAYCOUNTRY_
add_header all Relay-Country _RELAYCOUNTRY_
report X-Relay-Countries: _RELAYCOUNTRY_
report X-Relay-Country: _RELAYCOUNTRY_
header RC_GOD X-Relay-Countries =~ /(BA|HR|DE)/
describe RC_GOD...

Righ now MailsCanner Front-End just have 4 buttons when checking an email, they are:
BLACKLIST EMAIL, BLACKLIST DOMAIN, WHITELIST EMAIL and WHITELIST DOMAIN.

Would you please consider 2 more:
BLACKLIST *.DOMAIN AND WHITELIST *.DOMAIN ?

Right now there a thousand of attacks from domains like:
root@bn14.ujiso.com
root@bn15.ujiso.com
root@bn16.ujiso.com
root@bn21.ujiso.com
root@bn3.ujiso.com

And...

How do I setup a global filter to block all email sent to the server with certain words in the Body, Subject or Header?

Hello!

I'm facing the following situation:

I have two interconnected servers, one with WHM and cPanel, and the other as a Mailnode with only WHM.

Both servers have Mailscanner installed, but on my Mailnode server, due to the absence of cPanel accounts, I encounter difficulties in manipulating user settings.

On my main server, I can access the interface normally. The question that arises is:...

Sarah,
Would you be kind to check the possibility to add a SUBJECT COUNT into MSFE Statistics, please?

It will be great if it could send a warning mail when more that 100 emails (or threshold defined by admin) with the same subject are sent, this will help to track any email account that is compromised.

Thanks.

Regards,
Sergio

hello,
i new with mailscanner frontend . i found some spam starting from an email address.

i have blacklisted address:

Add to blacklist
Redirecting to /bin/systemctl reload MailScanner.service
System black and white lists updated
Completed

first of all i want to know if this is server wide block
...and also if there is window in GUi or command to check all blacklisted address
thanks