eFa 4.0.0 released

eFa 4.0.0 is now available!

We would also like to thank everyone for their support and contributions to this project. :clap:

eFa4 is based on CentOS 7 and has been updated to include more recent packages and more security.
Sadly as there is no good upgrade method from CentOS 6 to CentOS 7 this is not an update for your current systems.

eFa4 will need to be installed on a new system and requires you to set it up as a new system or migrate some of the data in your current system.
See the WIKI for more information on how to migrate from eFa 3 to eFa 4 if required.

We also moved away from VM images for Hyper-V and VMWare and created an installation script allowing you to install eFa4 on any system you want.
Although providing images for Hyper-V and VMWare is convenient for some there have also been lots of requests to make the system function on different systems than Hyper-V and VMWare.
For example now with the installation script you can use any Cloud based VPS provider you want as long as they support CentOS 7.

System requirements

eFa4 can be installed on any system you want as long as it supports CentOS 7 and the system is dedicated to eFa4.
The minimum requirements to install eFa4 are:

  • A dedicated system for eFa4
  • CentOS 7 (minimal install preferred)
  • 2 CPU’s
  • 100GB of hard-drive space (SSD highly preferred)
  • 8GB memory (dedicated)

Note that these are the minimum required to run eFa4, if you want to run eFa4 virtual than keep in mind that spam filtering is an intensive process and requires some resources, increasing the specifications will help to speed things up and allowing more throughput, also note that the required disk space is based on the amount of mail you process so increase based on the amount of mail you want to process.

One-Step Install

eFa4 can be installed with just a single command, make sure you are logged in as root and you have a clean CentOS 7 installation to start with. Then just run the following command:

curl -sSL https://install.efa-project.org | bash

This will download all required eFa4 packages from one of our mirrors and installs eFa4 on your system, depending on the speed of your system installation can take between 10 to 30 minutes, after an reboot you are good to go.

Alternative Install Methods

Piping to bash might not be your preferred installation method as it prevents you from reading the code that is about to run on your system. Therefore you can use the following alternative to inspect the code before installation:

wget -O build.bash https://install.efa-project.org
# Inspect the code if needed, then to install the system run:
sudo bash build.bash

it is also possible to install eFa4 from ISO image, these will be available for download soon!.

eFa 4.0.0 released2019-11-07T20:20:29+00:00

eFa version 3.0.2.5 Released

The 3.0.2.5 update is now available.

We would also like to thank everyone for their support and contributions to this project.

The following issues have been fixed (hopefully) in 3.0.2.5:

Issue #324 Enhancement – Import external backup to new EFA device
Issue #361 Enhancement – Display EFA version in the CLI via EFA-Configure
Issue #385 Bug – Changed from reload to restart for Postfix
Issue #386 Bug – Admin cannot modify domain admin accounts
Issue #387 Enhancement – Updated MariaDB recovery script

Enhancement – Let’s Encrypt
Enhancement – Add EFA sponsored DCC servers
Enhancement – Hypervisor detection during init
Enhancement – MailScanner update to 5.0.6-5
Enhancement – MailWatch updated to latest develop
Enhancement – clamav-unofficial-sigs updated to 5.6.2
Security – Regenerate self signed certs for Postfix/Apache/Webmin
Security – Enabled strong cipher preference in Postfix
Security – Enabled strong cipher preference in Apache
Bug – Left the disabling of modsecuirty fix enabled, as new builds of 3.0.2.4 still have it enabled by default
Bug – Updated menu options for “Apache Settings” menu
Bug – Quarantine report to flip from HTTP to HTTPS
Bug – Update quarantine FROM_ADDR to use POSTMASTER address in /etc/EFA-Config

###################### How To Update ##################################

It is recommended that you suspend your mail flow and snapshot prior
to updating or to back up the entire appliance.

1) Stop mail flow temporarily (at firewalls/mailservers)
2) Snapshot your VM and its memory using your hypervisor tools
3) If the update fails for any reason, collect relevant logs or screen
outputs/screenshots and revert to your snapshot
4) Report failure at https://forum.efa-project.org

Launch EFA-Configure from console or secure shell

(sudo /usr/local/sbin/EFA-Configure)

Choose option 14) Update Now

The first time you run this update, the kernel may update. If this
happens, the script will halt to give you an opportunity to restart.
After restarting and booting to the new kernel, rerun EFA-Update to
continue the update process to 3.0.2.5.

EFA-Update will not proceed until you are running on the latest
kernel. This is to ensure that open-vm-tools updates appropriately
if present.

eFa version 3.0.2.5 Released2019-11-07T20:10:06+00:00

eFa 3.0.2.3 Update Released

The 3.0.2.3 update is now available.

We would also like to thank everyone for their support and contributions to this project. :clap:

The following issues have been fixed (hopefully) in 3.0.2.3:

Issue #367 Bug – mod_security disable id 981320 (and 981317)
Issue #369 Bug – Variable type mismatch in viewmail.php

Configurable mod_security option added to EFA-Configure
Update MailWatch to resolve various issues found after 3.0.2.2
Includes session enhancements and configurable session timeouts

 

#################### Important Security Notice ########################

/// Everyone is STRONGLY encouraged to update from 3.0.1.8 and below NOW \ \ \

A recent set of vulnerabilities have been discovered in the MailWatch and
SGWI interfaces that can allow an attacker to escalate privileges in eFa.

Because of these vulnerabilities, if you are using the same password for
the console as you are for MailWatch (many folks are), please take a moment
to make your MailWatch admin password different from the console.
Doing so will limit the success of a shared credential attack via MailWatch
on eFa to gain root access.

If you cannnot update or have problems, the following steps are
strongly recommended to keep your appliance safe until you can update
successfully:

1) Rotate your admin passwords in the console and MailWatch UI and make
each one different than the other to prevent a shared credential
attack.

2) Install mod_security and mod_evasive to provide some security in front
of the vulnerable code.

3) Inform your MailWatch users (especially admins) to avoid opening multiple
tabs and performing general web browsing while working in MailWatch

###################### How To Update ##################################

It is recommended that you suspend your mail flow and snapshot prior
to updating or to back up the entire appliance.

1) Stop mail flow temporarily (at firewalls/mailservers)
2) Snapshot your VM and its memory using your hypervisor tools
3) If the update fails for any reason, collect relevant logs or screen
outputs/screenshots and revert to your snapshot
4) Report failure at https://forum.efa-project.org

Launch EFA-Configure from console or secure shell

(sudo /usr/local/sbin/EFA-Configure)

Choose option 14) Update Now

The first time you run this update, the kernel may update. If this
happens, the script will halt to give you an opportunity to restart.
After restarting and booting to the new kernel, rerun EFA-Update to
continue the update process to 3.0.2.3.

EFA-Update will not proceed until you are running on the latest
kernel. This is to ensure that open-vm-tools updates appropriately
if present.

eFa 3.0.2.3 Update Released2019-11-07T20:09:22+00:00

eFa 3.0.2.2 Update Released

The 3.0.2.2 update is now available.

We would also like to thank everyone for their support and contributions to this project. :clap:

The following issues have been fixed (hopefully) in 3.0.2.2:

Issue #357 Bug – Fonts Not Rendering in MailWatch
Issue #358 Bug – Certain emails from detail.php do not populate B/W Lists
Issue #362 Bug – mod_security disable id 981247
Issue #363 Bug – Check for failed yum kernel update
Issue #366 Bug – Clear SpamAssassin-Temp

MailWatch update to resolve timeout issues and directory traversal
#################### Important Security Notice ########################

/// Everyone is STRONGLY encouraged to update from 3.0.1.8 and below NOW \ \ \

A recent set of vulnerabilities have been discovered in the MailWatch and
SGWI interfaces that can allow an attacker to escalate privileges in eFa.

Because of these vulnerabilities, if you are using the same password for
the console as you are for MailWatch (many folks are), please take a moment
to make your MailWatch admin password different from the console.
Doing so will limit the success of a shared credential attack via MailWatch
on eFa to gain root access.

If you cannnot update or have problems, the following steps are
strongly recommended to keep your appliance safe until you can update
successfully:

1) Rotate your admin passwords in the console and MailWatch UI and make
each one different than the other to prevent a shared credential
attack.

2) Install mod_security and mod_evasive to provide some security in front
of the vulnerable code.

3) Inform your MailWatch users (especially admins) to avoid opening multiple
tabs and performing general web browsing while working in MailWatch

###################### How To Update ##################################

It is recommended that you suspend your mail flow and snapshot prior
to updating or to back up the entire appliance.

1) Stop mail flow temporarily (at firewalls/mailservers)
2) Snapshot your VM and its memory using your hypervisor tools
3) If the update fails for any reason, collect relevant logs or screen
outputs/screenshots and revert to your snapshot
4) Report failure at https://forum.efa-project.org

Launch EFA-Configure from console or secure shell

(sudo /usr/local/sbin/EFA-Configure)

Choose option 14) Update Now

The first time you run this update, the kernel may update. If this
happens, the script will halt to give you an opportunity to restart.
After restarting and booting to the new kernel, rerun EFA-Update to
continue the update process to 3.0.2.2.

EFA-Update will not proceed until you are running on the latest
kernel. This is to ensure that open-vm-tools updates appropriately
if present.

eFa 3.0.2.2 Update Released2019-11-07T20:09:05+00:00

eFa 3.0.1.9 Security Update Released

The 3.0.1.9 security update is now available.

We would also like to thank everyone for their support and contributions to this project.

A big thanks to the MailWatch team for making security fixes possible!

The following issues have been fixed (hopefully) in 3.0.1.9:

– Added Apache mod_security by default
– Added Apache X-XSS-Protection header
– Updated MailWatch and Sqlgrey Web Interface (Security Fixes)
– Changed and updated database engine to MariaDB (10.1)

#################### Important Security Notice ########################

/////// Everyone is STRONGLY encouraged to update to 3.0.1.9 NOW \\\\\\\\\

A recent set of vulnerabilities have been discovered in the MailWatch and
SGWI interfaces that can allow an attacker to escalate privileges in eFa.

Because of these vulnerabilities, if you are using the same password for
the console as you are for MailWatch (many folks are), please take a moment
to make your MailWatch admin password different from the console.
Doing so will limit the success of a shared credential attack via MailWatch
on eFa to gain root access.

If you cannnot update to 3.0.1.9 or have problems, the following steps are
strongly recommended to keep your appliance safe until you can update
successfully:

1) Rotate your admin passwords in the console and MailWatch UI and make
each one different than the other to prevent a shared credential
attack.

2) Install mod_security and mod_evasive to provide some security in front
of the vulnerable code.

3) Inform your MailWatch users (especially admins) to avoid opening multiple
tabs and performing general web browsing while working in MailWatch

##################### Important database changes ######################

MailWatch 1.2.1-dev has utf8mb4 character set support.
CentOS 6.8 lacks this support in the stock mysql rpms.
Therefore, upgrades to 3.0.1.9 will migrate the database from mysql
to MariaDB 10.1. This may be a big jump for some users and may want
to perform additional testing prior to upgrading.

###################### How To Update ##################################

It is recommended that you suspend your mail flow and snapshot prior
to updating or to back up the entire appliance.

1) Stop mail flow temporarily (at firewalls/mailservers)
2) Snapshot your VM and its memory using your hypervisor tools
3) If the update fails for any reason, collect relevant logs or screen
outputs/screenshots and revert to your snapshot
4) Report failure at https://forum.efa-project.org

Launch EFA-Configure from console or secure shell

(sudo /usr/local/sbin/EFA-Configure)

Choose option 14) Update Now

The first time you run this update, the kernel may update. If this
happens, the script will halt to give you an opportunity to restart.
After restarting and booting to the new kernel, rerun EFA-Update to
continue the update process to 3.0.1.9.

EFA-Update will not proceed until you are running on the latest
kernel. This is to ensure that open-vm-tools updates appropriately
if present.

eFa 3.0.1.9 Security Update Released2017-03-25T22:03:56+00:00