Search found 147 matches

by maxxer
Fri Jan 17, 2020 8:11 am
Forum: Administrators
Topic: Unable to whitelist clamav signature
Replies: 1
Views: 295

Re: Unable to whitelist clamav signature

Finally solved. The file name appears to be irrelevant, as long as the extension is ign2.

The problem is the rule name: it must be indicated without the .UNOFFICIAL extension (or any other. In some posts I found you need to add .{}).
by maxxer
Thu Jan 16, 2020 9:17 pm
Forum: Administrators
Topic: Unable to whitelist clamav signature
Replies: 1
Views: 295

Unable to whitelist clamav signature

Hi. I've added Malwarebytes unofficial signature list to my Zimbra ClamAV. It has some over restrictive rules, like MBL_50076603 which blocks all mails containing a link to Google Drive. So I want to whitelist some of them, like this. The zimbra email notification looks like this: A virus was found:...
by maxxer
Fri Jan 10, 2020 1:02 pm
Forum: Administrators
Topic: error in network service after one wrong login
Replies: 13
Views: 6852

Re: error in network service after one wrong login

To add IP address or networks in CIDR format zimbra@zimbra:~$ zmprov mcf zimbraHttpThrottleSafeIPs 223.232.129.201 zimbra@zimbra:~$ zmprov mcf zimbraHttpThrottleSafeIPs 201.58.38.113 zimbra@zimbra:~$ zmprov mcf zimbraHttpThrottleSafeIPs 172.33.5.0/24 This is not correct: IPs must be added with + (a...
by maxxer
Thu Nov 14, 2019 10:15 am
Forum: Administrators
Topic: VirusTotal check for Zimbra emails
Replies: 21
Views: 2837

Re: VirusTotal check for Zimbra emails

I think there's no logging for normal operations, only for errors
by maxxer
Wed Nov 13, 2019 8:20 am
Forum: Administrators
Topic: VirusTotal check for Zimbra emails
Replies: 21
Views: 2837

Re: VirusTotal check for Zimbra emails

How strange. Unfortunately I don't know python so I cannot help further. You can try opening an issue on the project's github
by maxxer
Tue Nov 12, 2019 10:51 am
Forum: Administrators
Topic: VirusTotal check for Zimbra emails
Replies: 21
Views: 2837

Re: VirusTotal check for Zimbra emails

zimico wrote:Just remove the .sock file (the path is in the conf file) and restart service. And then you will see the errors which relate to .py files.


I have no idea how the plugin works, but based on this message Connection to www.virustotal.com timed out. it looks like your server cannot reach VT
by maxxer
Tue Nov 12, 2019 9:10 am
Forum: Administrators
Topic: VirusTotal check for Zimbra emails
Replies: 21
Views: 2837

Re: VirusTotal check for Zimbra emails

From this line Nov 12 15:06:20 mail.zoholab.com amavisvtd[16553]: 2019-11-12 15:06:20,394 ERROR [MainThread] Socket /opt/zimbra/data/clamav/amavisvtd.sock isn't working: [Errno 111] Connection refused it looks like either the socket isn't created or it doesn't have permissions to access the location.
by maxxer
Mon Nov 11, 2019 1:04 pm
Forum: Administrators
Topic: VirusTotal check for Zimbra emails
Replies: 21
Views: 2837

Re: VirusTotal check for Zimbra emails

I was mistaken. Content of /etc/systemd/system/amavis-vtd.service is [Unit] Description=AmavisVTd [Service] ExecStart=/usr/bin/python3 /usr/local/lib/python3.5/dist-packages/amavisvt-0.5.3-py3.5.egg/amavisvt/amavisvtd.py Restart=always RestartSec=10 StandardOutput=syslog StandardError=syslog SyslogI...
by maxxer
Mon Nov 11, 2019 9:52 am
Forum: Administrators
Topic: VirusTotal check for Zimbra emails
Replies: 21
Views: 2837

Re: VirusTotal check for Zimbra emails

The service file is in the GitHib repo of the project. I'll try to document better
by maxxer
Thu Nov 07, 2019 9:57 am
Forum: Administrators
Topic: VirusTotal check for Zimbra emails
Replies: 21
Views: 2837

Re: VirusTotal check for Zimbra emails

It's an old page (2016) and it's in french (sorry) but here you have informations about using the free version of Tyk as proxy/cache to the VT API. https://blog.zenithar.org/post/2016/01/15/tyk-proxy-virustotal/ Thanks, very useful. It needs a little tweaking, at least for how I intended to use it....

Go to advanced search