Frequently Asked Questions (FAQ)
How to resolve primary virus scanner (auto) error?
You may find you get an error like:
Unable to select a regular expression for your primary virus scanner (auto) - please see the examples in functions.php to create one.
This happens when you are using newer versions of MailScanner and have the auto setting turned on in your MailScanner.conf file. Edit the configuration and set the string for your virus scanners instead of using the auto setting like:
#Virus Scanners = auto Virus Scanners = clamav
Why are messages quarantined again when I release them in MailWatch?
This is because you need to bypass certain checks for messages from 127.0.0.1 to allow the released messages to pass through MailScanner without being quarantined again.
Set the following in
Filename Rules = %etc-dir%/filename.rules Filetype Rules = %etc-dir%/filetype.rules Dangerous Content Scanning = %rules-dir%/content.scanning.rules Is Definitely Not Spam = %rules-dir%/spam.whitelist.rules
Then the following files should be set-up as follows:
From: 127.0.0.1 /etc/MailScanner/filename.rules.allowall.conf FromOrTo: default /etc/MailScanner/filename.rules.conf
From: 127.0.0.1 /etc/MailScanner/filetype.rules.allowall.conf FromOrTo: default /etc/MailScanner/filetype.rules.conf
Edit the following files in
From: 127.0.0.1 no FromOrTo: default yes
From: 127.0.0.1 yes FromOrTo: default no
Create the following files in
allow .* - -
allow .* - -
Can I use wildcards when using the Blacklist/Whitelist (SQLBlackWhiteList)?
No - the Blacklist/Whitelist work on an exact first match only basis.
For Example: if the message is to firstname.lastname@example.org and from email@example.com and the connecting server address is 220.127.116.11, the checks are performed in the following order and the first to match returns true (the message is either whitelist or blacklisted depending on the lookup being performed):
I can’t get MailWatch to ‘see’ my Quarantined e-mail
This is almost always caused by either setting MailScanner to quarantine messages as Queue files or because the Web Server cannot access the quarantine directory or the files within.
Okay - here’s a list of things that you need to check:
- SELinux is either disabled or in permissive mode (until someone would like to help add SELinux support to MailScanner & MailWatch)
- Make sure that ‘Quarantine Whole Message As Queue Files = no’ in MailScanner.conf.
- Make sure that ‘Quarantine Group =
' and 'Quarantine Permissions = 0660' in MailScanner.conf.
- Make sure that ‘Quarantine Dir’ and all subdirectories have the correct permissions (e.g. drwxrwx— and is owned by the same group as ‘Quarantine Group’.)
- Make sure that no part of ‘Quarantine Dir’ is a symlink. Apache typically won’t follow symlinks.
- Check your Apache error log for any obvious errors.
MailWatch can also use the quarantine in two ways:
- Look for the files on the filesystem (original pre-1.0.3 behaviour and slower)
- Store the quarantined state in an indexed field in the database (faster)
This behaviour is governed by the setting QUARANTINE_USE_FLAG in conf.php – if true then the new behaviour is used.
To use the new behaviour correctly – you must disable the MailScanner clean.quarantine script if it is enabled and use the quarantine_maint.php script supplied with MailWatch. This is used to reconcile the quarantine with the database and to remove old files from the quarantine and to update the database to reflect the changes.
MailScanner won’t log to my MailWatch database
This is usually because the ‘Storable’ or other Perl module is missing. Run the following command:
perl -MStorable -MDBI -MDBD::mysql -e 'print "OK\n";'
If you get anything other than ‘OK’ returned, then you are missing one of the Perl modules and need to install it.
I get a fatal error “Cannot redeclare _PEAR_call_destructors()”
MailWatch uses some modified PEAR libraries which conflict with system installed PEAR packages, do not install these pear libraries with your distribution package manager:
Remove them if present