stephdl

Jun  8 20:52:06 ns7loc3 yum[2075]: Updated: containerd.io-1.2.13-3.2.el7.x86_64
Jun  8 20:52:13 ns7loc3 yum[2075]: Updated: 1:docker-ce-cli-19.03.11-3.el7.x86_64
Jun  8 20:52:19 ns7loc3 yum[2075]: Updated: 3:docker-ce-19.03.11-3.el7.x86_64
Jun  8 20:52:19 ns7loc3 systemd: Reloading.
Jun  8 20:52:19 ns7loc3 systemd: Stopping Docker Application Container Engine...
Jun  8 20:52:19 ns7loc3 dockerd: time="2020-06-08T20:52:19.481538672+02:00" level=info msg="Processing signal 'terminated'"
Jun  8 20:52:19 ns7loc3 dockerd: time="2020-06-08T20:52:19.494814981+02:00" level=info msg="Daemon shutdown complete"
Jun  8 20:52:19 ns7loc3 systemd: Stopped Docker Application Container Engine.
Jun  8 20:52:19 ns7loc3 systemd: Closed Docker Socket for the API.
Jun  8 20:52:19 ns7loc3 systemd: Stopping Docker Socket for the API.

stephdl

#!/bin/bash
                    
# mail_sync h1 u1 p1 h2 u2 p2 check
MAXTRIES=5
if [ $# -lt 6 ]; then
 exit 1
fi
JC=""
if [ x$7 = "xcheck" ]; then
 JC="--justlogin"

stephdl

#!/bin/bash

# NAS IP: 192.168.1.10 in this example
# DHCP scope reservation for macvlan: 192.168.1.210/28 (Details below)
## Network:   192.168.1.210/28
## HostMin:   192.168.1.211
## HostMax:   192.168.1.224
## Hosts/Net: 14

# Create a Synology macvlan0 bridge network attached to the physical eth0, and add the ip range scope (sudo)

stephdl

# ================= DO NOT MODIFY THIS FILE =================
# 
# Manual changes will be lost when this file is regenerated.
#
# Please read the developer's guide, which is available
# at NethServer official site: https://www.nethserver.org
#
# 

[nethserver-base]

stephdl

Rspamd blacklist/whitelist multimap

This configuration is provided by the project NethServer, a CentOS clone which provide a full postfix email server with Rspamd and a lot of more good other features https://www.nethserver.org/

domain.org/sub.domain.org blacklist FROM/TO and whitelist FROM/TO whith IP whitelisting.

To manage the priority the blacklist is rejected with a forced action because the priority between blacklist and whitelist is hard to be fine. For example if you blacklist the domain.org, user@domain.org could be blacklisted too even if the use@domain.org is whitelisted. Moreover we want to use our SMTP message rejection and do not reject based on score, because when the message is rejected it is rejected with a SPAM rejection message.

the map is a file with a email or a domain list (one entry per line), same for the IP whitelisting

stephdl

Feb  3 11:40:03 lrtserv-data clamd[3067]: Reading databases from /var/lib/clamav
Feb  3 11:40:11 lrtserv-data rspamd[26933]: <9049f1>; csession; rspamd_task_timeout: processing of task time out: 8.0 second spent; forced processing
Feb  3 11:40:11 lrtserv-data rspamd[26933]: <9049f1>; csession; rspamd_add_passthrough_result: <a6d4015e5eaa4dff988ca9d65a77fef7@2137961799>: set pre-result to 'soft reject' (no score): 'timeout processing message' from task timeout(0)
Feb  3 11:40:11 lrtserv-data rspamd[26933]: <9049f1>; csession; rspamd_redis_connected: skip obtaining bayes tokens for BAYES_HAM of classifier bayes: not enough learns 113; 200 required
Feb  3 11:40:11 lrtserv-data rspamd[26933]: <9049f1>; csession; rspamd_stat_classifiers_process: skip statistics as HAM class is missing
Feb  3 11:40:11 lrtserv-data rspamd[26933]: <9049f1>; csession; rspamd_task_write_log: id: <a6d4015e5eaa4dff988ca9d65a77fef7@2137961799>, ip: 127.0.0.1, from: <futurebusinessfunding@s2137961799.m.en25.com>, (default: F (soft reject

stephdl

nodeBB

Describe your new note here.

https://www.howtoforge.com/tutorial/centos-nodebb-installation/
• mongodb 4.2
• nodebb 1.13.x


curl -sL https://rpm.nodesource.com/setup_10.x | sudo bash -

stephdl

[root@prometheus ~]# su admin -c '/usr/libexec/nethserver/api/system-authorization/read | jq'
{
  "system": [
    "aliases",
    "apps",
    "backup",
    "certificates",
    "company",
    "dhcp",
    "disk-usage",

stephdl

[root@prometheus ~]# sudo -U admin -ll
Matching Defaults entries for admin@de-labrusse.fr on prometheus:
    !visiblepw, always_set_home, match_group_by_gid, always_query_group_plugin, env_reset, env_keep="COLORS DISPLAY HOSTNAME HISTSIZE KDEDIR LS_COLORS", env_keep+="MAIL
    PS1 PS2 QTDIR USERNAME LANG LC_ADDRESS LC_CTYPE", env_keep+="LC_COLLATE LC_IDENTIFICATION LC_MEASUREMENT LC_MESSAGES", env_keep+="LC_MONETARY LC_NAME LC_NUMERIC
    LC_PAPER LC_TELEPHONE", env_keep+="LC_TIME LC_ALL LANGUAGE LINGUAS _XKB_CHARSET XAUTHORITY", secure_path=/sbin\:/bin\:/usr/sbin\:/usr/bin

Runas and Command-specific defaults for admin@de-labrusse.fr:
    Defaults!/usr/libexec/nethserver/api/system-apps/read !requiretty
    Defaults!/sbin/e-smith/validate password-strength *, /usr/libexec/nethserver/api/system-dns/read, /usr/libexec/nethserver/api/system-company/read,
    /usr/libexec/nethserver/api/system-hostname/read, /usr/libexec/nethserver/api/system-aliases/read, /usr/libexec/nethserver/api/system-time/read,

stephdl

- test case 0.1 email bl OK

Dec  6 16:59:09 ns7loc13 postfix/smtpd[18330]: connect from ns7loc13.nethservertest.org[192.168.56.14]
Dec  6 16:59:09 ns7loc13 rspamd[18254]: <391443>; proxy; proxy_accept_socket: accepted milter connection from /var/run/rspamd/worker-proxy port 0
Dec  6 16:59:10 ns7loc13 postfix/smtpd[18330]: 0FDD960D9290: client=ns7loc13.nethservertest.org[192.168.56.14]
Dec  6 16:59:10 ns7loc13 rspamd[18254]: <391443>; milter; rspamd_milter_process_command: got connection from 192.168.56.14:48266
Dec  6 16:59:10 ns7loc13 postfix/cleanup[18334]: 0FDD960D9290: message-id=<1.1575647949@nethservertest.org>
Dec  6 16:59:10 ns7loc13 rspamd[18254]: <391443>; proxy; rspamd_mime_parse_message: cannot find content-type for a message, assume text/plain
Dec  6 16:59:10 ns7loc13 rspamd[18254]: <391443>; proxy; rspamd_mime_part_get_cte: detected missing CTE for part as: 7bit
Dec  6 16:59:10 ns7loc13 rspamd[18254]: <391443>; proxy; rspamd_message_parse: loaded message; id: <1.1575647949@nethservertest.org>;