[TUTORIAL] Advancing Proxmox Mail Gateway (especially Spam and Virus Detection)

[killmasta93]

Hi anyone else has been getting this recently?

/etc/cron.hourly/sa-update:
Possible unintended interpolation of @infoadvertising in string at /tmp/.spamassassin4845VvIzhdtmp/70_HS_header.cf, rule HS_HEADER_1771, line 1.
rules: failed to compile Mail::SpamAssassin::Plugin::Check::_head_tests_0_5, skipping:
    (Global symbol "@infoadvertising" requires explicit package name (did you forget to declare "my @infoadvertising"?) at /tmp/.spamassassin4845VvIzhdtmp/70_HS_header.cf, rule HS_HEADER_1771, line 1.)
channel: lint check of update failed, channel failed

 

[Andy_red]

It looks like heutger is Offline since May 2021.
I hope he is OK, but I am planning to rewrite all 15 pages in one new post, because a lot changed.
Some configurations are EOL and in PMG 7 some features are by default available.

Hello Maxim,
do you have any news on the summary of this forum tread?

 

[Overlord]

It looks like heutger is Offline since May 2021.
I hope he is OK, but I am planning to rewrite all 15 pages in one new post, because a lot changed.
Some configurations are EOL and in PMG 7 some features are by default available.

"Last seen Apr 30, 2022" - hope you're fine as well.

Any plans for a release of your guide?

 

[rickygm]

hi, has anyone tried avast with the latest version of pmg?

 

[tom]

hi, has anyone tried avast with the latest version of pmg?

yes, see https://pmg.proxmox.com/wiki/index.php/Install_Avast

 

[rickygm]

thank

 

[karnz]

I followed this tutorial for very long time and it's working fine.
Until now received this error from sa-update cronjob after updated to PMG 7.3 that shipped along with SpamAssassin 4.0

/etc/cron.hourly/sa-update:
plugin: failed to parse plugin (from @INC): Can't locate Mail/SpamAssassin/Plugin/Hashcash.pm in @INC (you may need to install the Mail::SpamAssassin::Plugin::Hashcash module) (@INC contains: lib /usr/share/perl5 /etc/perl /usr/local/lib/x86_64-linux-gnu/perl/5.32.1 /usr/local/share/perl/5.32.1 /usr/lib/x86_64-linux-gnu/perl5/5.32 /usr/lib/x86_64-linux-gnu/perl-base /usr/lib/x86_64-linux-gnu/perl/5.32 /usr/share/perl/5.32 /usr/local/lib/site_perl) at (eval 133) line 1.

config: deprecated setting used, change country_db_type to geodb_module
config: deprecated setting used, change country_db_path to geodb_options
geodb: MaxMind::DB::Reader (GeoIP2) module load failed: Can't locate MaxMind/DB/Reader.pm in @INC (you may need to install the MaxMind::DB::Reader module) (@INC contains: /var/lib/spamassassin/compiled/5.032/4.000000 /var/lib/spamassassin/compiled/5.032/4.000000/auto lib /usr/share/perl5 /etc/perl /usr/local/lib/x86_64-linux-gnu/perl/5.32.1 /usr/local/share/perl/5.32.1 /usr/lib/x86_64-linux-gnu/perl5/5.32 /usr/lib/x86_64-linux-gnu/perl-base /usr/lib/x86_64-linux-gnu/perl/5.32 /usr/share/perl/5.32 /usr/local/lib/site_perl)
plugin: failed to parse plugin (from @INC): Can't locate Mail/SpamAssassin/Plugin/Hashcash.pm in @INC (you may need to install the Mail::SpamAssassin::Plugin::Hashcash module) (@INC contains: /var/lib/spamassassin/compiled/5.032/4.000000 /var/lib/spamassassin/compiled/5.032/4.000000/auto lib /usr/share/perl5 /etc/perl /usr/local/lib/x86_64-linux-gnu/perl/5.32.1 /usr/local/share/perl/5.32.1 /usr/lib/x86_64-linux-gnu/perl5/5.32 /usr/lib/x86_64-linux-gnu/perl-base /usr/lib/x86_64-linux-gnu/perl/5.32 /usr/share/perl/5.32 /usr/local/lib/site_perl) at (eval 214) line 1.

config: deprecated setting used, change country_db_type to geodb_module
config: deprecated setting used, change country_db_path to geodb_options
geodb: MaxMind::DB::Reader (GeoIP2) module load failed: Can't locate MaxMind/DB/Reader.pm in @INC (you may need to install the MaxMind::DB::Reader module) (@INC contains: /var/lib/spamassassin/compiled/5.032/4.000000 /var/lib/spamassassin/compiled/5.032/4.000000/auto /var/lib/spamassassin/compiled/5.032/4.000000 /var/lib/spamassassin/compiled/5.032/4.000000/auto lib /usr/share/perl5 /etc/perl /usr/local/lib/x86_64-linux-gnu/perl/5.32.1 /usr/local/share/perl/5.32.1 /usr/lib/x86_64-linux-gnu/perl5/5.32 /usr/lib/x86_64-linux-gnu/perl-base /usr/lib/x86_64-linux-gnu/perl/5.32 /usr/share/perl/5.32 /usr/local/lib/site_perl)

It seems SA 4.0 doesn't include Hashcash and Maxmind DB Reader modules.
Tried to install Mail/SpamAssassin/Plugin/Hashcash.pm but SA will be downgraded to 3.4 automatically which is not good.

Anyone try to fix this?

 

[CRCinAU]

Anyone try to fix this?

I edited `/etc/mail/spamassassin/init.pre` and commented out the Hashcash line. It allows things to work, but probably needs an update that resolves this properly.

 

[dcsapak]

just fyi, the hashcash plugin was deprecated before and is now removed.
quote from the spamassassin 4 release notes:

Removed plugin
--------------

HashCash module, formerly deprecated, has now been removed completely

 

[immernochjan]

Hi,
after upgrade to Proxmox MGW 7.3 there is a lot of more Spam. We used sa-update channels like described in this thread.
(for example sa.schaal-it.net).

when I run sa-update --nogpg --channel sa.schaal-it.net -D the debug message is:

Apr 13 15:02:11.273 [3894506] dbg: dns: query failed: 0.0.4.sa.schaal-it.net => NXDOMAIN
Apr 13 15:02:12.964 [3894506] dbg: channel: no updates available, skipping channel


are this rules not compatible with spamassassin 4.0 or might there be a solution to load it with the
new sa-update script ?

Best, Jan

 

[SamTzu]

[%- IF pmg.mail.rejectunknownsender %] reject_unknown_sender_domain[% END %]

IMHO - That should be default option.

 

[MiamiJack]

I dont think of this as off topic, so what are the recommended SA Plugins that should be added?
Because we all want to block more junk.

( For me recommend is low false positives and somewhat conservative practices)
My init.pre only has SPF/DKIM & URIDNSBL.

Then for local.cf I have:
use_bayes 0 bayes_auto_expire 0 bayes_learn_to_journal 1 ok_languages all include /usr/share/spamassassin-extra/kam_sa-channels_mcgrail_com.cf

Thanks!