ClamAV Exim Setup

Develop

Verified User
Joined
Jun 9, 2016
Messages
156
Location
Istanbul, TR
Hello All,

I have just finished installing ClamAV on the system using this guide: https://www.woktron.com/secure/knowledgebase/136/Installation-Clam-Anti-Virus-ClamAV-on-DirectAdmin-or-CentOS.html

ClamAV works well. I see it on the DirectAdmin service monitor.

netstat -tap | grep clamd

Result:

tcp 0 0 localhost.local:dyna-access *:* LISTEN 4405/clamd

But in the exim conf there is no "check_message:" part, and I could not paste the necessary scripts into exim.conf. Please check it below.

PHP:
# Reject messages with serious MIME errors
deny message = This message contains malformed MIME ($demime_reason)
     demime = *
     condition = ${if >{$demime_errorlevel}{2}{1}{0}}
# Reject messages the scanner flags; /defer_ok accepts mail if the scanner is unavailable
deny message = This message contains a virus or other harmful content ($malware_name)
     demime = *
     malware = */defer_ok
# Reject the listed attachment extensions
deny message = This message contains an attachment of a type which we do not accept (.$found_extension)
     demime = bat:com:pif:prf:scr:vbs
# Add a header to messages that passed the checks above
warn message = X-Antivirus-Scanner: Clean mail though you should still use an Antivirus

And exim does not scan emails without this code. In the email headers there are no "X-Antivirus-Scanner:..." details.

Thanks.
 

bdacus01

Verified User
Joined
Jul 22, 2017
Messages
3,698
Location
Murfreesboro
In options.conf, what do you have? Is clamav exim set to yes?

Code:
cd /usr/local/directadmin/custombuild
cat options.conf

#ClamAV-related Settings
clamav=yes
clamav_exim=yes
modsecurity_uploadscan=no
proftpd_uploadscan=no
pureftpd_uploadscan=no
suhosin_php_uploadscan=no
 

zEitEr

Super Moderator
Joined
Apr 11, 2005
Messages
14,254
Location
GMT +7.00
The following commands should couple exim with clamav:

Code:
cd /usr/local/directadmin/custombuild
./build set clamav yes
./build set clamav_exim yes
./build set exim yes
./build set eximconf yes
./build set eximconf_release 4.5


./build clamav
./build exim
./build exim_conf
 

Develop

Verified User
Joined
Jun 9, 2016
Messages
156
Location
Istanbul, TR
Thank you for all the answers.

Special thanks to zEitEr.

Fixed:

cd /usr/local/directadmin/custombuild
./build set clamav yes
./build set clamav_exim yes
./build set exim yes
./build set eximconf yes
./build set eximconf_release 4.5


./build clamav
./build exim
./build exim_conf
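
A way to confirm that a rebuilt configuration really scans mail, as an added example (not part of any post in this thread and not DirectAdmin's code): it parses Exim configuration text and reports whether the ACL named by `acl_smtp_data` contains a `malware` condition and whether that condition fails open. The sample configuration is constructed, and the parser reads one text only; it does not follow `.include` directives.

```python
import re

# Constructed sample config (not from the thread); 3310 is clamd's TCP port.
SAMPLE_CONF = r"""
av_scanner = clamd:127.0.0.1 3310
acl_smtp_data = check_message

begin acl

check_message:
  deny message = This message contains a virus ($malware_name)
       malware = */defer_ok
  accept

begin routers
"""

def audit_exim_scanning(conf_text):
    """Report whether the DATA-time ACL actually invokes the malware scanner."""
    # Join backslash continuations, then drop comments and blank lines.
    text = re.sub(r"\\\n\s*", "", conf_text)
    lines = [l.strip() for l in text.splitlines()]
    lines = [l for l in lines if l and not l.startswith("#")]
    main, acls, section, current = {}, {}, "main", None
    for line in lines:
        m = re.match(r"begin\s+(\w+)", line)
        if m:
            section, current = m.group(1), None
        elif section == "main" and "=" in line:
            key, value = line.split("=", 1)
            main[key.strip()] = value.strip()
        elif section == "acl":
            label = re.fullmatch(r"(\w+):", line)
            if label:
                current = label.group(1)
                acls[current] = []
            elif current:
                acls[current].append(line)
    data_acl = main.get("acl_smtp_data")
    conds = [l for l in acls.get(data_acl, []) if re.search(r"\bmalware\s*=", l)]
    return {
        "av_scanner": main.get("av_scanner"),
        "data_acl": data_acl,
        "data_acl_defined": data_acl in acls,
        "malware_checked": bool(conds),
        # /defer_ok accepts the message when the scanner cannot be reached.
        "fail_open": any("/defer_ok" in c for c in conds),
    }
```

A result with `data_acl_defined` false matches the situation in the first post: the main section names `check_message`, but no such ACL exists, so nothing is scanned.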
 

sufiyanshaikh

Verified User
Joined
Aug 14, 2019
Messages
162
> The following commands should couple exim with clamav:
>
> Code:
> cd /usr/local/directadmin/custombuild
> ./build set clamav yes
> ./build set clamav_exim yes
> ./build set exim yes
> ./build set eximconf yes
> ./build set eximconf_release 4.5
>
>
> ./build clamav
> ./build exim
> ./build exim_conf
After running these commands, I started getting an error about IPv6 PTR from Gmail, and mail is not sending to Gmail.

IPv6 was enabled on the server and a hostname entry for IPv6 was added too.
===
Our system has detected that this message does\n550-5.7.1 not meet IPv6 sending guidelines regarding PTR records and\n550-5.7.1 authentication. Please review\n550-5.7.1 https://support.google.com/mail/?p=IPv6AuthError for more information\n550 5.7.1 . p12si6546266wmq.64 - gsmtp
===

How do I add a PTR record for IPv6?
 

sufiyanshaikh

Verified User
Joined
Aug 14, 2019
Messages
162
> What do you mean by hostname entry of ipv6? Is that an A record? Or did you also create an rDNS record for the ipv6 for your hostname at your datacenter/ip provider?
PTR record for IPv6

Please read the below error received from Gmail so that you know what exactly I am trying to fix.
===
Our system has detected that this message does\n550-5.7.1 not meet IPv6 sending guidelines regarding PTR records and\n550-5.7.1 authentication. Please review\n550-5.7.1 https://support.google.com/mail/?p=IPv6AuthError for more information\n550 5.7.1 . p12si6546266wmq.64 - gsmtp
===
 

Richard G

Verified User
Joined
Jul 6, 2008
Messages
8,527
Location
Maastricht
> PTR record for IPv6
It's not clear to me if you know that a PTR record is the same as an rDNS record which I was talking about.
Also, it's not clear to me if you put in an rDNS/PTR record for your ipv6 on the hostname with your ip provider (mostly datacenter or hoster), because some people put a PTR record in their Directadmin DNS and that doesn't have any effect for good working.

I did read the error, which was exactly why I was asking you this. :)
 

sufiyanshaikh

Verified User
Joined
Aug 14, 2019
Messages
162
> It's not clear to me if you know that a PTR record is the same as an rDNS record which I was talking about.
> Also, it's not clear to me if you put in an rDNS/PTR record for your ipv6 on the hostname with your ip provider (mostly datacenter or hoster), because some people put a PTR record in their Directadmin DNS and that doesn't have any effect for good working.
>
> I did read the error, which was exactly why I was asking you this. :)
My Apologies.
I thought the same and I did configure rDNS with my hosting provider for IPv4 as well as for IPv6.
I even had valid hostname records for IPv4 & IPv6 but still, Gmail sent me this message
Our system has detected that this message does\n550-5.7.1 not meet IPv6 sending guidelines regarding PTR records and\n550-5.7.1 authentication. Please review\n550-5.7.1 https://support.google.com/mail/?p=IPv6AuthError for more information\n550 5.7.1 . p12si6546266wmq.64 - gsmtp

I am still confused about what Gmail needs so that it will not drop server mails.
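
The PTR half of the rejection quoted above is normally a forward-confirmed reverse DNS requirement: the sending IP must have a PTR record, and the hostname in it must resolve back to that same IP. The check below is an added example, not part of any post in this thread; the addresses and host names are constructed from documentation ranges, and the resolver functions are injectable so the logic can be run without live DNS.

```python
import ipaddress
import socket

def ptr_name(ip):
    """Owner name of the PTR record for ip (nibble format under ip6.arpa for IPv6)."""
    return ipaddress.ip_address(ip).reverse_pointer

def _reverse(ip):
    try:
        return [socket.gethostbyaddr(ip)[0]]
    except OSError:
        return []

def _forward(host):
    try:
        return [info[4][0] for info in socket.getaddrinfo(host, None)]
    except OSError:
        return []

def check_fcrdns(ip, reverse=_reverse, forward=_forward):
    """PTR must exist and its hostname must resolve back to the same IP."""
    addr = ipaddress.ip_address(ip)
    names = reverse(ip)
    if not names:
        return (False, "no PTR at " + ptr_name(ip))
    for name in names:
        for found in forward(name):
            # Compare parsed addresses so compressed/expanded IPv6 forms match.
            if ipaddress.ip_address(found.split("%")[0]) == addr:
                return (True, name)
    return (False, names[0] + " does not resolve back to " + ip)

# Constructed records (documentation prefixes, hypothetical host names).
PTR = {"2001:db8::25": ["mail.example.com"], "2001:db8::26": ["srv.example.com"]}
FWD = {"mail.example.com": ["192.0.2.25", "2001:0db8:0000:0000:0000:0000:0000:0025"],
       "srv.example.com": ["192.0.2.26"]}  # A record only, no AAAA

def demo(ip):
    """Run the check against the constructed records instead of live DNS."""
    return check_fcrdns(ip, lambda a: PTR.get(a, []), lambda h: FWD.get(h, []))
```

Calling `check_fcrdns(ip)` with the default resolvers queries the system resolver for the server's real outbound IPv6 address. The rejection text also mentions authentication, which this check does not cover.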
 

Richard G

Verified User
Joined
Jul 6, 2008
Messages
8,527
Location
Maastricht
What is the domain name you are getting this error with when sending mail? If you don't want to post in public, send it to me by pm.
 

sufiyanshaikh

Verified User
Joined
Aug 14, 2019
Messages
162
> I can't help you without a domain name to do checks.
I really appreciate your help; however, as it was a production server, I removed IPv6 to fix the issue.
It's not that I am hesitating to provide you the domain name, it's just that it will be of no use because IPv6 is no longer active on the server.
 

Richard G

Verified User
Joined
Jul 6, 2008
Messages
8,527
Location
Maastricht
> I removed IPv6 to fix the issue.
If you are removing ipv6 and no longer planning to use it, then there's indeed no use to investigate further.
To be honest, we don't use ipv6 yet either, also because in some cases it can cause issues with Letsencrypt, so for the time being, we also disable ipv6 by default.
 