Profile Details

Toggle Sidebar
Recent updates
  • Shannon Miller
    Shannon Miller updated their profile
  • Thanks, Nick, I do appreciate the response. I realize I was asking a long shot for a out of support product. I guess the newer versions of Webapp was never rolled out to ZCP community but small business only. I'm not even sure the updated webapp would fix the attachment issue.

  • Tried checking the clearos-epel, clearos-centos, and zarafa-community-71 and searching for webapp 2.1.2 but none found. Didn't have access to the zarafa-community-71 and had to edit the repos files in yum.repos.d to get it out of error 401 unauthorized. Just sharing notes should anyone else still be using Zarafa community this late in the game.

  • Appreciate really appreciate your response. I've gotten quite a bit of insight from your posts in the last several years. You have also been the only response that wasn't an offer for mobile apps from the UAE. ;)

    I had found COS6 upgrade thread but was hoping to hear from someone who had tried it on COS7 Business and ZCP 7.2, if any are still around. All I have access to are production boxes. We are not planning to pursue the Kopano route. I may just give it a shot if the repo still exists and I can access it. Funny how webapp never got past 2.0.2 in the marketplace repos, though.

    As REO Speedwagon put it, "Keep on rolling"!

  • Webapp update for Zarafa community ZCP 7.2.0 on ClearOS7

    I have a few sites that are still running Zarafa Community. When forwarding certain attachments(pdf, jpg, etc) in webapp, the attachment shows in the attachment line but is stripped when send. Sent items does not show the attachment on the mail. Can forward with IMAP client and z-push clients. Investigated amavis as culprit but it still happens even with no mail antivirus installed. I suspect it is the Webapp that is doing it. Currently running WebApp 2.0.1.47791 - ZCP 7.2.0-48204.

    Anyone have suggestions for updated versions of Webapp for this version of ZCP?

    Appreciate the input.

  • That was it, Nick! Both it and /var/lib/amavis/var/.spamassissin had 297[297] as the owner. I've got it checking the mail queue now. Thanks for the help.

  • Cannot start amavisd without filling maillog with errors.

    Hi, All.

    Wrestling with a COS6 box running gateway and Zarafa community. Around 6am 9/25 local the box started throwing amavis errors. Load was at 20 and responding very sluggishly. Restarting services and finally a reboot. Load would increase again. Mail queue shows 100 messages with (delivery temporarily suspended: connect to 127.0.0.1[127.0.0.1]:10024: Connection refused). yum removed clamd and reinstalled from Market Place. Noticed I was never able to selet Gateway AV but it was not indicated as installed. yum remove and installs look over 30 minutes to do each time. Finally uninstalled everything I could find related to amavis and spamassassin but must be missing something as top indicated amavisd was running. even after disabling Zarafa services, and SMTP and removing those packages.

    Now have a box that passes mail but the messages in queue still there. Starting Mail Antispam starts amavisd and maillog is full of .....

    Sep 25 11:04:18 mail amavis[23368]: (!)Net::Server: 2020/09/25-11:04:18 Couldn't open lock file "/var/lib/amavis/amavisd.lock"[Permission denied]\n at line 177 in file /usr/share/perl5/vendor_perl/Net/Server/PreForkSimple.pm

    Checked permissions against other working COS6 boxes, not found anything yet. Hunted this forum and others and tried several things but I'm at a loss as to where to go next.

    Any help appreciated.

  • Thanks, Nick. I just didn't see your follow up. Replaced the first box yesterday with new hardware.

    We serve out the built in sites like Webconfig, Zarafa Webapp, and Z-Push. No other websites hosted. Root password was 14 characters. Found the external port was also shared as IMPI port on Supermicro box. Looking at that angle as well. SSH was blocked by firewall when not in use. Shell access component was installed for OpenLDAP and several users had it enabled after the fact but I'm unable to confirm it they did before on one of the boxes. The other box didn't have the component installed. It is not our practice to give shell access until needed and then custom rules to allow specific IP addresses to connect. No users needed it a either location.

    I'm comparing the files that were left behind. Unfortunately, it covered its tracks pretty well. Most of the log files were removed along with bash history. Will be happy to share what I find.

  • Clearos 7 boxes compromised and mining cryptocurrencies.

    Hi, Community. Just relating information at this time. Selected category as system security.

    We have just over 25 ClearOS 7 boxes at various locations. Most are to for individual sites. We have had two boxes compromised in as many weeks. Not been able to ascertain the attack vector. We find a user named support with the same ID as root and indicates the same login times as our with root. It removes the bash history for root, removes many of the logs from /var/log and adds config.txt, cpu.txt, minerd, and monero to /etc/sbin. Cron for root is edited to start monero from /etc/sbin every 5 minutes. We have managed to recreate the logs and rename the additional files to prevent the miner from starting again and getting the boxes operational again (both run Zarafa Community). I removed the user via "vipw" and "vipw -s". Not going to leave the boxes in production.

    Port 81 is open and accessible from outside, passwords are fairly complex, root access is allow from WAN but the port was closed (we only open when we to use for support). It is possible the threat came from LAN side but not been able to find anything from remaining information.

    Posted queries about restoring mail archives due to compromised box but didn't hear anything from anyone. Was wondering if anyone had seen anything like this or if ClearOS would be interested in some telemetry. Going to replace the box compromised last week with fresh install tomorrow and try to replace the other by end of week.

  • Shannon Miller

    Migrate Mail Archive to new box

    Had a ClearOS 7 box compromised and running minerd. Was able to stop the mining and get the box settled but do not trust it. Will be moving mail to new box. Zarafa community should be pretty straight forward. I've done sqldump from old box and import database into the new one. My question is what is the recommended method for moving the mail archive so that the new box will be able to search the old mail archives. Never have figured this out but we've always went from different versions of OS and Zarafa. Anyone have some pointers?