Search results

Following the upgrade guide and getting to the PgSQL part: root@mx1:~# pg_dropcluster --stop 13 main Error: specified cluster does not exist root@mx1:~# pg_upgradecluster -v 13 11 main Stopping old cluster... Restarting old cluster with restricted connections... Notice: extra pg_ctl/postgres...

That should be with you shortly. In the absence of this though, is there a better way that PMG can deal with big files which could cause a timeout? Sending a fail but then also delivering the message seems a bit flawed.

Nothing changed in the CAV config apart from lowering the file sized noted earlier. Nothing in logs. PDF is just a big file. I can actually send this one to you as it is just a standard doc if that would be of use?

@Stoiko Ivanov, completed and certainly two of the PDFs took a very long time. root@xxxx:/tmp# time clamdscan --verbose *.pdf /tmp/xxx.pdf: OK 5 sec 230k /tmp/xxx.pdf: OK 3.3 sec 249k /tmp/xxx.pdf: OK 0.4 sec 91k /tmp/xxx.pdf: OK 1.7 sec 128k /tmp/xxx.pdf: OK 1.7 sec 158k /tmp/xxx.pdf: OK 156...

Sure. I'll come back to you once that testing is done.

pmg-api: 6.3-5 pmg-gui: 2.3-1 pve-kernel-5.4: 6.3-6 pve-kernel-helper: 6.3-6 pve-kernel-5.4.101-1-pve: 5.4.101-1 pve-kernel-5.4.78-2-pve: 5.4.78-2 pve-kernel-5.4.73-1-pve: 5.4.73-1 pve-kernel-5.4.30-1-pve: 5.4.30-1 clamav-daemon: 0.102.4+dfsg-0+deb10u1 libarchive-perl: 3.3.3-1 libjs-extjs...

I've taken the attachments from one of the emails, sent them to myself from Gmail and the same problem is happening. Found some more logs and it appears it is just the time taken to scan. Whilst it is rejecting the message to the sender via 451, it still processes and accepts the message...

The logs were from mail.log. The syslog gives nothing else useful. Outside what I posted above, syslog shows the following around the same time period: Mar 9 10:35:16 xxxx pmg-smtp-filter[940]: starting database maintainance Mar 9 10:35:16 xxxx pmg-smtp-filter[940]: end database...

Have already tried restarting and can confirm it is running as other mail is just fine. Also, these messages sometimes come through without error so it appears they may complete quicker. Is there anyway to add more logging to the filter to know what is happening as for the ones rejected, we're...

Mar 9 10:34:16 xxx postfix/postscreen[349]: CONNECT from [x.x.x.x]:12313 to [x.x.x.x]:25 Mar 9 10:34:16 xxx postfix/postscreen[349]: PASS OLD [x.x.x.x]:12313 Mar 9 10:34:16 xxx postfix/smtpd[612]: connect from xxx.xxx.xxx[x.x.x.x] Mar 9 10:34:16 xxx pmgpolicy[30521]: reloading configuration...

Disk is fine. This error is happening on all four of our PMG servers but only for these messages (with attachments). Every single other message is fine and sometimes it gets through but as it reports back to the sending server the error, it is resent multiple times.

Getting this error in the logs. Mar 8 22:36:10 xxx postfix/smtpd[19218]: proxy-reject: END-OF-MESSAGE: 451 4.3.0 Error: queue file write error; from=<xxxx@xxxx> to=<xxxx@xxxx> proto=ESMTP helo=<xxxxxxx> Along with Mar 8 22:36:10 xxx postfix/smtpd[19218]: warning: timeout talking to proxy...

Sure. https://bugzilla.proxmox.com/show_bug.cgi?id=3287 Right now, not many but we plan to be pushing through many (5k+) domains on a move away from a different solution.

I think the output then relies on us going through each message? Like with https://pmg.proxmox.com/pmg-docs/api-viewer/index.html#/quarantine/spam, we can send over `pmail` to show the messages by email. Where as virus and attachment don't have this field so it would be nice to search by that...

Are there any plans for you to alter the system that mails with held attachments and viruses can be searched by email address? This information would be captured on the receiving message and would then allow us to build against the API so users can see these messages and release them if required.

I think this was actually due to a cluster sync issue. All the non-master nodes were stuck in "syncing". No matter what I did I could not get that to change so rebooted them all and now things are fine. So the issue appears to be that the changes on one node (master), were not filtering through...

They are matching the mail as they appear in the mail headers but the score is not the custom one set. Have run the message through to check but no errors were seen. Are all custom scores matchable or will there be some just ignored?

We've got about 25 custom scores set via the GUI with pmg-smtp-filter reloaded via the GUI and also on the command line. Is there anyway to debug why SA is ignoring the custom scores?

Are there any plans to improve this? Having to log in to each node to check the logs/tracking/queue seems a bit add odds with the clustered nature. At least, it would be a good idea to be able to do this via the GUI to select a node like that can be done with PVE.

This does not work. The only way to work around it is disable the fw at datecentre level which means all HV nodes as well as VMs are unprotected. We'll check out the SDN stuff once it becomes non-experimental.